Today, more than a billion people around the world use payment cards to support commercial transactions. The use of these payment cards represents an enormous opportunity for businesses to increase sales at the counter as well as through rapidly expanding channels such as online shopping.
However, the information associated with these payment cards—commonly referred to as “cardholder data”—is the focus of a growing number of identity theft activities.
To address the need to improve payment card security, the card industry has created a set of global requirements called the Payment Card Industry (PCI) Data Security Standard (DSS). PCI DSS is a set of 12 data-centric control objectives and associated requirements for ensuring the security and privacy of cardholder data. All 12 requirements must be met for compliance, and the penalties for non-compliance are severe.